Multiple critical vulnerabilities, including request smuggling and a timing attack, have been discovered in the Hiawatha web server, potentially allowing attackers to bypass authentication and gain server control. While the project is largely unsupported, administrators are urged to update and minimize server exposure. These flaws pose a significant risk to affected systems.
Latest mentioned: 09-10
Earliest mentioned: 09-10